Note: This is an archival copy of Security Sun Alert 200454 as previously published on http://sunsolve.sun.com.|
Latest version of this security advisory is available from http://support.oracle.com as Sun Alert 1000335.1.
Solaris 9 Operating System
Solaris 10 Operating System
Solaris 8 Operating System
Date of Resolved Release
Security vulnerabilities in the tip(1) command may allow a local unprivileged user the ability to execute arbitrary code with the privileges of user uucp(uid 5).
This issue can occur in the following releases:
There are no predictable symptoms that would indicate the described issue has been exploited to execute arbitrary commands with the privileges of the uucp(uid 5) user.
To work around the described issue, remove the set-user-ID bit from the "tip" binary by issuing the following command:
# chmod u-s /usr/bin/tip
Note: removing the set-user-ID bit from the "tip" binary will prevent unprivileged users from using the "tip" command to access calling devices (like modems).
This issue is addressed in the following releases:
This solution has no attachment